Deploying Linux Evolutionary, Not Revolutionary LinuxFest Northwest Bellingham, WA April 26th, 2003 Eric Harrison Supervisor of Network Services Multnomah.

Deploying LinuxEvolutionary, Not Revolutionary

LinuxFest Northwest Bellingham, WAApril 26th, 2003

Eric HarrisonSupervisor of Network Services

Multnomah Education Service District

1996: In The Beginning....

● There was a lone penguin

● Riverdale School District played around with Samba file services

Legend

Proprietary Server:

Open Source Server:

1997: K12Linux Project

● Riverdale School District volunteers its facilities to host the Portland Linux User's Group's install clinics– In turn, Riverdale gets

a room full of experts once a month

– K12Linux project is formed

1998: Testing The Waters

● Proxy Servers placed in several of the large schools to conserve bandwidth

● FTP server added

Early 1999: The Ball Starts Rolling

● New services added: Web and LDAP

● The first conversions occur...

Early 1999: The Ball Starts Rolling

● New services added: Web and LDAP

● The first conversions occur...– DNS server: Linux

was quick to fix the BIND bug

Early 1999: The Ball Starts Rolling

● New services added: Web and LDAP

● The first conversions occur...– DNS server: Linux

was quick to fix the BIND bug

– Proxies centralized

Early 1999: The Ball Starts Rolling

● New services added: Web and LDAP

● The first conversions occur...– DNS server: Linux

was quick to fix the BIND bug

– Proxies centralized– Centennial Mail Server

Bind BugOpen Source vs Proprietary Software

● MESD used HP-UX DNS servers, running Bind 4● The big Bind bug hit and HP dragged its feet

putting out a patch● We got tired of waiting, knew that there was an

exploit in the wild● The Linux version of Bind had been patched

immediately● Tested Linux and found it to be much faster

Centralized Proxies

● Having proxies in each school ended up being more trouble than it was worth

● Pulled proxies out of the schools and centralized them

● Used Layer-4 switch to make the proxying transparent, load-balanced, fail-over protected

● Huge success

Centennial Mail Server

● District's sysadmin fed up with their proprietary mail server– Sent out an email saying that the district would be

without email until further notice– Pulled the plug

● MESD was evaluating replacing its mail server, asked Centennial if they wanted to be guinea pigs.

● Had them up and running in a couple of hours● Been running fine ever since

Late 1999: Road to Domination

● MESD LAN taken by storm:– File/Print– Email– DHCP

2000: First Tries at the Desktop

● Riverdale School District deploys a Linux Terminal Server (LTSP)

● Redundant DNS and mail relay servers added

● More Linux servers in the schools

2001: The Filter Disaster

● Dismal, painful, expensive disaster with proprietary web filter

● Linux saves the day!● More redundancy

2002: Terminal Services Takes Off

● LTSP labs spring up all over the place– Budget crunches, old

hardware– MS Audits help

● More file/web/email servers in the schools

Overall Goals and Objectives

● Reduce Costs● Increase Reliability● Decrease management headaches● Encourage learning!!!!● Fame, glory, tons of cash, stock options, adequate

budgets, and all the other benefits of working in Education (yeah, right!)

What Has Worked

● Patience!– We've been working non-stop for the last seven years

to get were we are. Schools move very, very slowly

● Transparent implementations– Start by putting Linux were it 1) solves a problem and

2) doesn't require additional work from anyone else

● Keep on asking how much things cost!– And say “Wow! That's expensive! What does it offer

that my free solution does not?”

Bumps in the Road

● Anything that requires special configuration of workstations will fail.

● Lack of technical talent, at all levels.● Path of least resistance.● General unwillingness to learn.● Legacy proprietary systems are tough to dispose

of.● Differences in ideology.

General Approach to Technology

● Modular designs: let others pick and choose what they want to use

● Platform agnostic, avoid the PC/Mac wars● Standard protocols, interoperability is mandatory● Distributed management● Always have an exit plan, technology changes

quickly

Projects

● Linux in Schools Project:

– http://k12linux.org● K12LTSP, the K12 Linux Terminal Server Project:

– http://k12ltsp.org● SquidGuard web filter:

– http://squidguard.mesd.k12.or.us● K12 Open Source discussion board:

– http://www.k12os.org